Update e2e suite to cover supported package managers

2026-05-26 12:10:49 +00:00 · 2026-05-08 13:13:37 +01:00 · 2026-05-08 13:13:37 +01:00 · e891d1a992
commit e891d1a992
parent 26f1dfb81a
1 changed files with 77 additions and 32 deletions
--- a/test/e2e/rush.e2e.spec.js
+++ b/test/e2e/rush.e2e.spec.js
@ -4,6 +4,11 @@ import assert from "node:assert";

 describe("E2E: rush coverage", () => {
  let container;
+  const packageManagerConfigs = [
+    { name: "pnpm", versionField: "pnpmVersion", version: "latest" },
+    { name: "yarn", versionField: "yarnVersion", version: "latest" },
+    { name: "npm", versionField: "npmVersion", version: "latest" },
+  ];

  before(async () => {
    DockerTestContainer.buildImage();
@ -65,41 +70,81 @@ describe("E2E: rush coverage", () => {
      `Malicious package was added despite safe-chain protection. Output was:\n${packageJson.output}`
    );
  });
+
+  for (const packageManagerConfig of packageManagerConfigs) {
+    it(`safe-chain proxy blocks malicious package downloads during rush update with ${packageManagerConfig.name}`, async () => {
+      const shell = await container.openShell("zsh");
+      await setupRushWorkspace(shell, {
+        packageManagerConfig,
+        packageJson: `{
+  "name": "test-app",
+  "version": "1.0.0",
+  "dependencies": {
+    "safe-chain-test": "0.0.1-security"
+  }
+}`,
      });

-async function setupRushWorkspace(shell) {
-  await shell.runCommand("mkdir -p /testapp/common/config/rush /testapp/apps/test-app");
-  await shell.runCommand(`cat > /testapp/common/config/rush/rush.json <<'EOF'
-{
-  "$schema": "https://developer.microsoft.com/json-schemas/rush/v5/rush.schema.json",
-  "rushVersion": "5.175.1",
-  "pnpmVersion": "11.0.6",
-  "nodeSupportedVersionRange": ">=18.0.0",
-  "projectFolderMinDepth": 1,
-  "projectFolderMaxDepth": 2,
-  "gitPolicy": {},
-  "repository": {
-    "url": "https://example.com/testapp.git",
-    "defaultBranch": "main"
-  },
-  "eventHooks": {
-    "preRushInstall": [],
-    "postRushInstall": [],
-    "preRushBuild": [],
-    "postRushBuild": []
-  },
-  "projects": [
-    {
-      "packageName": "test-app",
-      "projectFolder": "apps/test-app"
+      const result = await shell.runCommand("cd /testapp/apps/test-app && rush update");
+
+      assert.ok(
+        result.output.includes("blocked 1 malicious package downloads"),
+        `Output did not include expected text. Output was:\n${result.output}`
+      );
+      assert.ok(
+        result.output.includes("- safe-chain-test"),
+        `Output did not include expected text. Output was:\n${result.output}`
+      );
+      assert.ok(
+        result.output.includes("Exiting without installing malicious packages."),
+        `Output did not include expected text. Output was:\n${result.output}`
+      );
+    });
  }
-  ]
-}
-EOF`);
-  await shell.runCommand(`cat > /testapp/apps/test-app/package.json <<'EOF'
-{
+});
+
+async function setupRushWorkspace(shell, options = {}) {
+  const packageManagerConfig = options.packageManagerConfig ?? {
+    versionField: "pnpmVersion",
+    version: "11.0.6",
+  };
+  const packageJson = options.packageJson ?? `{
  "name": "test-app",
  "version": "1.0.0"
+}`;
+  const rushConfig = {
+    $schema: "https://developer.microsoft.com/json-schemas/rush/v5/rush.schema.json",
+    rushVersion: "5.175.1",
+    [packageManagerConfig.versionField]: packageManagerConfig.version,
+    nodeSupportedVersionRange: ">=18.0.0",
+    projectFolderMinDepth: 1,
+    projectFolderMaxDepth: 2,
+    gitPolicy: {},
+    repository: {
+      url: "https://example.com/testapp.git",
+      defaultBranch: "main",
+    },
+    eventHooks: {
+      preRushInstall: [],
+      postRushInstall: [],
+      preRushBuild: [],
+      postRushBuild: [],
+    },
+    projects: [
+      {
+        packageName: "test-app",
+        projectFolder: "apps/test-app",
+      },
+    ],
+  };
+
+  await shell.runCommand("rm -rf /testapp/common /testapp/apps/test-app");
+  await shell.runCommand("mkdir -p /testapp/apps/test-app");
+  await writeTextFile(shell, "/testapp/rush.json", JSON.stringify(rushConfig, null, 2));
+  await writeTextFile(shell, "/testapp/apps/test-app/package.json", packageJson);
 }
-EOF`);
+
+async function writeTextFile(shell, filePath, content) {
+  const encoded = Buffer.from(content).toString("base64");
+  await shell.runCommand(`printf '%s' '${encoded}' | base64 -d > ${filePath}`);
 }